CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2016(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-1000215 DoS 2016-10-25 2017-07-06
5.0
None Remote Low Not required None None Partial
Ruckus Wireless H500 web management interface denial of service
2 CVE-2016-10088 416 DoS 2016-12-30 2017-01-06
6.9
None Local Medium Not required Complete Complete Complete
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.
3 CVE-2016-9942 119 DoS Exec Code Overflow 2016-12-31 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions.
4 CVE-2016-9941 119 DoS Exec Code Overflow 2016-12-31 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.
5 CVE-2016-9919 20 DoS 2016-12-08 2016-12-13
7.8
None Remote Low Not required None None Complete
The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.
6 CVE-2016-9916 400 DoS 2016-12-29 2017-06-30
4.9
None Local Low Not required None None Complete
Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.
7 CVE-2016-9915 400 DoS 2016-12-29 2017-06-30
4.9
None Local Low Not required None None Complete
Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle backend.
8 CVE-2016-9914 400 DoS 2016-12-29 2017-06-30
4.9
None Local Low Not required None None Complete
Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations.
9 CVE-2016-9913 400 DoS 2016-12-29 2017-06-30
4.9
None Local Low Not required None None Complete
Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) via vectors involving the order of resource cleanup.
10 CVE-2016-9863 20 DoS 2016-12-10 2017-06-30
5.0
None Remote Low Not required None None Partial
An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service (DoS) attack. All 4.6.x versions (prior to 4.6.5) are affected.
11 CVE-2016-9860 20 DoS 2016-12-10 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in phpMyAdmin. An unauthenticated user can execute a denial of service attack when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
12 CVE-2016-9859 20 DoS 2016-12-10 2017-06-30
5.0
None Remote Low Not required None None Partial
An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to initiate a denial of service attack in import feature. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
13 CVE-2016-9858 20 DoS 2016-12-10 2017-06-30
5.0
None Remote Low Not required None None Partial
An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to initiate a denial of service attack in saved searches feature. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
14 CVE-2016-9806 415 DoS 2016-12-28 2017-07-17
7.2
None Local Low Not required Complete Complete Complete
Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.
15 CVE-2016-9794 416 DoS 2016-12-28 2017-05-17
7.2
None Local Low Not required Complete Complete Complete
Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.
16 CVE-2016-9793 119 DoS Overflow Mem. Corr. 2016-12-28 2017-07-17
7.2
None Local Low Not required Complete Complete Complete
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
17 CVE-2016-9777 125 DoS +Priv 2016-12-28 2016-12-30
6.9
None Local Medium Not required Complete Complete Complete
KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.
18 CVE-2016-9755 787 DoS Overflow 2016-12-28 2016-12-30
4.6
None Local Low Not required Partial Partial Partial
The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c.
19 CVE-2016-9685 400 DoS 2016-12-28 2016-12-30
4.9
None Local Low Not required None None Complete
Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.
20 CVE-2016-9633 399 DoS 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.
21 CVE-2016-9632 119 DoS Overflow 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
22 CVE-2016-9631 476 DoS 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
23 CVE-2016-9630 119 DoS Overflow 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
24 CVE-2016-9629 476 DoS 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
25 CVE-2016-9628 476 DoS 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
26 CVE-2016-9627 119 DoS Overflow 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page.
27 CVE-2016-9626 119 DoS Overflow 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
28 CVE-2016-9625 119 DoS Overflow 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
29 CVE-2016-9624 476 DoS 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
30 CVE-2016-9623 476 DoS 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
31 CVE-2016-9622 476 DoS 2016-12-11 2016-12-13
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
32 CVE-2016-9588 388 DoS 2016-12-28 2017-11-03
2.1
None Local Low Not required None None Partial
arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.
33 CVE-2016-9576 416 DoS 2016-12-28 2017-01-17
7.2
None Local Low Not required Complete Complete Complete
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.
34 CVE-2016-9562 476 DoS 2016-11-22 2017-01-12
5.0
None Remote Low Not required None None Partial
SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835.
35 CVE-2016-9561 399 DoS 2016-12-23 2016-12-23
4.3
None Remote Medium Not required None None Partial
The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (allocation of huge memory, and being killed by the OS) via a crafted MOV file.
36 CVE-2016-9555 125 DoS 2016-11-27 2017-01-06
10.0
None Remote Low Not required Complete Complete Complete
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.
37 CVE-2016-9480 119 DoS Overflow +Info 2016-11-29 2016-12-22
6.4
None Remote Low Not required Partial None Partial
libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarf_util.c component, aka DW201611-006.
38 CVE-2016-9452 20 DoS 2016-11-25 2016-11-29
4.3
None Remote Medium Not required None None Partial
The transliterate mechanism in Drupal 8.x before 8.2.3 allows remote attackers to cause a denial of service via a crafted URL.
39 CVE-2016-9443 476 DoS 2016-12-11 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
40 CVE-2016-9441 476 DoS 2016-12-11 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
41 CVE-2016-9440 476 DoS 2016-12-11 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
42 CVE-2016-9439 119 DoS Overflow 2016-12-11 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
43 CVE-2016-9438 476 DoS 2016-12-11 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
44 CVE-2016-9437 119 DoS Overflow Mem. Corr. 2016-12-11 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.
45 CVE-2016-9434 476 DoS 2016-12-11 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
46 CVE-2016-9433 125 DoS 2016-12-11 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (out-of-bounds array access) via a crafted HTML page.
47 CVE-2016-9432 119 DoS Overflow Mem. Corr. 2016-12-11 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (memory corruption, segmentation fault, and crash) via a crafted HTML page.
48 CVE-2016-9431 119 DoS Overflow 2016-12-11 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
49 CVE-2016-9430 476 DoS 2016-12-11 2017-06-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
50 CVE-2016-9429 119 DoS Exec Code Overflow 2016-12-11 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Buffer overflow in the formUpdateBuffer function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
Total number of vulnerabilities : 2029   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.